Clik here to view.
Application-Firewall cannot block torrent (utorrent) if not combine with IDP?
Hi all, Currently i'm testing Application-Firewall feature in vSRX D100. I'm follow this url http://junosnotes.blogspot.my/2013/04/srx-application-firewall.html#more . when i just use...
View ArticleWhatsapp Android App issue with Juniper SRX
I have made a simple AppID policy to block WhatsApp, but to my dimay (surprisingly) WhatsApp messages on its Android App are still working as if there is no policy but the other WhatsApp signature for...
View ArticleClik here to view.
STATIC NAT and Security Policy on SRX
Hi everyone, I apologize for the long winded email but I want to provide as much info as possible to get this concept straight. Please consider following cases: CASE1: STATIC NAT (Only Changing...
View ArticleSRX PIM DENSE MODE | RECEIVER AND SOURCE
Hi everyone, Please consider the following set up: We are using PIM DENSE MODE S-----f1 SRX1 f2--------f2-SRX2 -f1-----R S: Multicast source sending stream at 239.1.1.1R; Receiver listening on...
View ArticleArp question, arp-resp on lo0
I tried to configure the arp-resp command on the lo0.0 interface and it did not work. It isn't a sub command there. I thought I did successfully use it in the past. About a day or two ago. Weird. Any...
View ArticleDyn VPN with SRX behind NAT Device, and Split Tunnel
Hi, I'm trying to establish a Dynamic VPN which the SRX is behind a 1-to-1 NAT Device, whith Split tunnel enabled. The connection is successfull, but im experiencing a weird behavior.The internet...
View ArticleSRX340 max. sessions
Hi there, I've seen in srx3XX datasheet, most specifically on this one: https://www.juniper.net/assets/fr/fr/local/pdf/datasheets/1000550-en.pdf , that srx340 has a maximum of concurrent sessions of...
View ArticleSRX VPN Tunnel Change MTU size
Hi, I have a branch router in a different country with IPSEC VPN tunnels set. Recently there are intermittent latency issues due to Network Congession experienced by the ISP in the remote country. My...
View ArticleIS-IS and VLANs
Hi all,Does anyone have any pointers for running IS-IS between SRX's with a VLAN in between?Setup is as follows:Router A -ge-0/0/2 - vlan-tagging, mtu 1540, unit 5 vlan-id 5, family inet address...
View ArticleWhy mix mode setup on SRX5800 need reboot?
Hi all, Based on this url https://www.juniper.net/documentation/en_US/junos/topics/concept/security-mixed-mode-understanding.html it should not required reboot. On junos version 15.xD30 it dont need...
View ArticleIP Sec VPN implementation
Hi, Can any one tell me if its possible to use IPSec VPN when there is only One SRX available, as i believe its is only possible when we have 2 x SRX devices. Regards, Mannan
View ArticleSRX with GRE and NAT scenario
Hello everyone, Please consider the following set up: SERVER 10.10.10.10---10.10.10.1-f1 SRX1-f2 199.199.199.2---INTERNET----200.200.200.2-f2-SRX2-f1-10.11.11.0/24 hostsAbove we have:GRE tunnel between...
View ArticleClik here to view.
jdhcpd - adding permanent arp entry for leases
I've been incontact with Juniper regarding there deprecation of the "old" dhcpd service in favor of jdhcpd in Junos. The new jdhcpd service add a permanent arp entry for it's leases into the arp table....
View ArticleSRX1800 LAC
Quick question.... Can an SRX1800 be configured to act as a LAC (L2TP Access Concentrator)?
View ArticleClik here to view.
SRX 1400 - redirect blocked users to custom URL
I have SRX 1400 @ JUNOS 12.3X48-D40.5 Imagine having, among others, following zones: UNTRUSTED-CLIENTS, WORLD and INTRANET. I want to block all traffic from UNTRUSTED-CLIENTS to WORLD, but I want to...
View ArticleControlling Multicast stream on SRX enabled for PIM DENSE MODE
Hi everyone, Please consider the following set up: S-----f1 SRX1—f2------WAN-----f2SRX2—Receiver (239.2.2.2) Above we have multicast source sending traffic at 239.1.1.1, SRX 1is running PIM dense mode...
View ArticleDynamic DNS script not working
Found an article here: https://forums.juniper.net/t5/Junos-Automation-Scripting/Script-for-DDNS/td-p/56004 I set this script up, and I can manually execute it as an "op" and it works fine. When I let...
View ArticleArp-resp on avaya stack
I have a problem with using arp-resp on a stack. Any help would be appreciated.
View ArticleHow to convert this command on screenos to srx?
Hi all, Below is the command in screenos. Tools I2J fail to convert this below command. May i know how to convert into srx junos? set service "FTP" timeout 1 set service "HTTPS" timeout 40 set service...
View ArticleArp and NDP on different interfaces...
I am running arp on my vlan and NDP on my ingress/egress interface(not vlan, ge-0/0/0.0), cable modem wan. Does any body have comments. I can't get NDP to stick to my vlan.
View Article